All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Export data to Hadoop

siva_cg
Path Finder
‎10-18-2018 04:59 AM

Hi Team,

I want to export data (not archiving data) from Splunk running on version 7.1.3 to Hadoop server in two cases.

1st case - Set of data using Splunk search
2nd case - All the events in a particular sourcetype from an index (I can create a separate index for that specific sourcetype and send whole index data to Hadoop)

In both cases, Can I use Hadoop Connect app to export data? I read that from Splunk version 6.5, we need to use Splunk Analytics for Hadoop but didn't find any document that says about data export using Splunk Analytics for Hadoop. Could you please suggest which app to use? Thanks in advance.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

rdagan_splunk
Splunk Employee
Splunk Employee
‎10-21-2018 06:05 PM

Regarding your question about Splunk Hadoop Connect support Splunk 7.1.3 version - Splunk Hadoop Connect works without a problem with that version. And my recommendation is for you to ask your Splunk sales team to send that request to Splunk support.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

rdagan_splunk
Splunk Employee
Splunk Employee
‎10-21-2018 06:05 PM

Regarding your question about Splunk Hadoop Connect support Splunk 7.1.3 version - Splunk Hadoop Connect works without a problem with that version. And my recommendation is for you to ask your Splunk sales team to send that request to Splunk support.

0 Karma
Reply
Solved! Jump to solution

siva_cg
Path Finder
‎10-22-2018 07:05 AM

Thank you @rdagan. Sure, I will contact my Splunk sales team for the request.

0 Karma
Reply
Solved! Jump to solution

inventsekar
SplunkTrust
SplunkTrust
‎10-18-2018 05:34 AM

Hi Siva, i am not sure.. but did you check about "Hadoop Data Roll"

https://docs.splunk.com/Documentation/Splunk/latest/Indexer/ArchivingindexestoHadoop

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Reply
Solved! Jump to solution

siva_cg
Path Finder
‎10-18-2018 07:04 AM

Hi @inventsekar,
As per my understand, "Hadoop Data Roll" is used to move data from Splunk to Hadoop and use hdfs search for any future reports or searches. But in my usecase, I just want to copy some data to Hadoop server.

0 Karma
Reply
Solved! Jump to solution

rdagan_splunk
Splunk Employee
Splunk Employee
‎10-18-2018 09:14 AM

Yes, for both use cases Splunk Hadoop Connect is the right App.
Here is the link to the doc that will help you schedule that search and export:
http://docs.splunk.com/Documentation/HadoopConnect/latest/DeployHadoopConnect/Appdashboard

Just be aware that Splunk will normally recommend a dedicated Search Head if you plan on moving a large amount of data per day.

0 Karma
Reply
Solved! Jump to solution

siva_cg
Path Finder
‎10-19-2018 01:20 AM

Hi @rdagan,

Thank you for your response. Yeah, we will use dedicated Search Head for this purpose. Will Splunk Hadoop Connect support Splunk 7.1.3 version ?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...

Splunkbase Unveils New App Listing Management Public Preview

Splunkbase Unveils New App Listing Management Public PreviewWe're thrilled to announce the public preview of ...

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...